Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/BHjZBWV03_tuR39QIOfjXWljB_w.roa
File: BHjZBWV03_tuR39QIOfjXWljB_w.roa (raw, json)
Hash identifier: 2f7vMVqFO19DzdMmN4hA3erzlQDQYZ0bMHlq462JBwk=
Subject key identifier: 04:78:D9:05:65:74:DF:FB:6E:47:7F:50:20:E7:E3:5D:69:63:07:FC
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 4C
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BHjZBWV03_tuR39QIOfjXWljB_w.roa
Signing time: Sat 17 Feb 2024 15:55:03 +0000
ROA not before: Sat 17 Feb 2024 15:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 19:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76 (0x4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Feb 17 15:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0478D9056574DFFB6E477F5020E7E35D696307FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:19:d3:8f:fd:a3:01:5b:d7:47:50:e5:c7:
57:f6:c2:82:11:7a:47:48:65:7f:de:92:ca:59:59:
40:37:5f:42:64:06:22:34:7e:42:db:19:dc:c2:e1:
af:98:9c:bc:3c:68:e5:0c:bd:e8:e0:48:61:2e:8c:
8f:82:78:bd:d6:95:7d:0e:e8:5f:5d:fd:5d:75:18:
6c:92:e7:87:ec:8a:0f:84:2c:4f:b7:6e:c0:6d:1b:
90:1f:d7:49:72:3b:40:15:dc:e7:79:ac:87:21:0e:
e6:f0:69:31:8a:6e:3a:3f:e6:c3:db:c0:a3:0f:25:
e7:c6:c1:ae:6d:f8:db:76:43:66:b9:27:f7:f2:3b:
0d:f6:53:10:aa:a7:42:8f:61:ba:08:5b:d0:33:f1:
5b:a3:5a:03:2f:37:28:bb:d4:25:e9:ac:a6:3d:59:
38:66:42:48:fe:93:88:99:0c:1d:6a:60:ff:0b:f5:
53:8e:ca:3b:52:39:67:9c:d6:2a:5b:db:2f:18:77:
bf:9c:32:82:5f:23:5e:ee:28:62:3c:6f:03:d9:ee:
0d:ca:47:2e:c6:3d:22:25:a1:db:3a:ff:5f:fd:31:
38:f3:75:45:f4:58:dd:24:3e:2e:fa:ea:8b:4d:e6:
42:76:7f:d5:67:0e:ca:c3:d2:2b:d8:64:02:7d:73:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:78:D9:05:65:74:DF:FB:6E:47:7F:50:20:E7:E3:5D:69:63:07:FC
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BHjZBWV03_tuR39QIOfjXWljB_w.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:4b:fa:e2:16:51:2f:3a:87:35:57:67:a8:7e:c9:0a:1d:3f:
13:8d:2c:97:e5:68:05:d4:58:9f:4d:5f:ea:4a:75:67:ed:27:
b3:4d:15:47:91:75:ec:d9:82:54:1b:24:49:16:9e:2c:b4:fa:
40:8d:b9:e9:63:16:7a:88:87:57:dc:d8:8d:bb:f9:d6:bf:dc:
67:c0:20:2f:6c:63:57:83:8a:d6:f0:b8:92:16:60:8c:41:9b:
f1:5f:3e:4e:90:42:83:ab:ac:7a:82:42:c9:25:97:59:2f:d5:
6d:6e:76:03:3f:5d:64:8e:85:89:05:c5:a2:d0:58:32:fe:99:
97:19:8e:26:34:f2:0c:df:f7:1f:4a:75:0c:d1:81:8a:86:0e:
2e:a2:ec:66:99:8a:56:18:30:f2:a5:6b:5c:64:1a:49:60:4f:
5c:17:ad:a4:87:ad:ff:d9:4c:f1:fc:63:59:22:ee:1c:c7:81:
eb:1b:d5:87:46:d1:1b:3d:3d:59:9b:dd:ff:af:39:47:5e:c5:
b5:83:dc:9b:27:b2:4e:7e:4e:a0:ac:81:22:46:5e:f6:bb:c5:
80:9e:47:f2:4e:cc:fe:47:a8:ce:14:0c:d5:ff:51:09:fb:15:
a2:44:43:5d:ff:61:32:9d:89:4b:a8:7d:2d:b6:c4:14:69:cd:
15:06:c6:28
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNzE1
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ3OEQ5MDU2NTc0REZG
QjZFNDc3RjUwMjBFN0UzNUQ2OTYzMDdGQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANXGGdOP/aMBW9dHUOXHV/bCghF6R0hlf96SyllZQDdfQmQGIjR+
QtsZ3MLhr5icvDxo5Qy96OBIYS6Mj4J4vdaVfQ7oX139XXUYbJLnh+yKD4QsT7du
wG0bkB/XSXI7QBXc53mshyEO5vBpMYpuOj/mw9vAow8l58bBrm3423ZDZrkn9/I7
DfZTEKqnQo9hughb0DPxW6NaAy83KLvUJemspj1ZOGZCSP6TiJkMHWpg/wv1U47K
O1I5Z5zWKlvbLxh3v5wygl8jXu4oYjxvA9nuDcpHLsY9IiWh2zr/X/0xOPN1RfRY
3SQ+Lvrqi03mQnZ/1WcOysPSK9hkAn1zx3cCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBQEeNkFZXTf+25Hf1Ag5+NdaWMH/DAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvQkhqWkJXVjAzX3R1UjM5
UUlPZmpYV2xqQl93LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEAi0v64hZRLzqHNVdnqH7JCh0/E40sl+VoBdRY
n01f6kp1Z+0ns00VR5F17NmCVBskSRaeLLT6QI256WMWeoiHV9zYjbv51r/cZ8Ag
L2xjV4OK1vC4khZgjEGb8V8+TpBCg6useoJCySWXWS/VbW52Az9dZI6FiQXFotBY
Mv6ZlxmOJjTyDN/3H0p1DNGBioYOLqLsZpmKVhgw8qVrXGQaSWBPXBetpIet/9lM
8fxjWSLuHMeB6xvVh0bRGz09WZvd/685R17FtYPcmyeyTn5OoKyBIkZe9rvFgJ5H
8k7M/keozhQM1f9RCfsVokRDXf9hMp2JS6h9LbbEFGnNFQbGKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org